Medium severity5.3GHSA Advisory· Published May 14, 2024· Updated Apr 15, 2026
CVE-2024-34914
CVE-2024-34914
Description
php-censor v2.1.4 and fixed in v.2.1.5 was discovered to utilize a weak hashing algorithm for its remember_key value. This allows attackers to bruteforce to bruteforce the remember_key value to gain access to accounts that have checked "remember me" when logging in.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
php-censor/php-censorPackagist | >= 2.1.0, < 2.1.5 | 2.1.5 |
php-censor/php-censorPackagist | < 2.0.13 | 2.0.13 |
Affected products
2- Range: < 2.0.13
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.